Serialization uses the java.io.OptionalDataException class to indicate that a
call to ObjectInputStream.readObject() has failed due to unread primitive data
in the stream. OptionalDataException also serves a second function: it is
thrown when a readObject() call occurring inside of a class-defined
readObject() or readExternal() method attempts to read past the end of custom
data. This second function is nearly completely undocumented, save for the
one-line cryptic comment accompanying the "eof" field:

  "True if there is no more data in the buffered part of the stream."

To make matters more confusing, OptionalDataException is not thrown in all of
the situations one would expect it to be: attempting to read past the end of
custom data with any of ObjectInputStream's read() methods will return -1
instead of throwing OptionalDataException, while attempting to read past the
end with a primitive data read (e.g., readInt()) will throw an EOFException
instead of OptionalDataException. RFE 4360508 also documents a bug in which
custom readObject methods can read past the end of custom data (and into the
next object/superclass' stream representation) if the serialized instance's
class did not define a custom writeObject method.

It is becoming increasingly important for serialization to address this issue,
as more and more classes are starting to use OptionalDataException.eof to
govern conditional reads of extra custom data (e.g., java.awt.Component,
java.awt.Container, java.awt.Frame, java.awt.Window, etc.).

The behavior of serialization in cases where read operations exceed custom data
boundaries should be more clearly specified, and more consistently implemented.
Specifically, each of ObjectInputStream's basic and primitive read operations
should throw an OptionalDataException if an attempt is made to read past the
end of a custom data block.